htaccess blocks file access from users and server

[JohnnyDoomo]

I am trying to get an htaccess file to block users from looking at files.

 

If I even password protect the folder, the script that needs those files fails.

 

I have used "Options -Indexes" on the main htaccess, but this still allows somebody to type in the exact file name and view it's contents.

 

I'm not sure if my server is configured wrong or what. I just need the htaccess to block USER access to any file with a .x extention, while still allowing the server and scripts to access it. I'm trying to say away from having to include the servers ip address, but I'm not sure if that's the whole way around.

 

Here's what I currently have

 

<Files ~ "\.x$"> 
order allow,deny
allow from localhost
deny from all
</Files>

 

Any help would be appreciated, thanks.